Topic Last Modified: 2012-10-20

Firewall port requirements for a single Director consist of the ports that are used to establish communication with the Director from the internal interface or internal-facing network of the reverse proxy. Microsoft Lync Server 2013 by default expects ports HTTP/TCP 8080 and HTTPS/TCP 4443 to be open from the reverse proxy to the Director, as well as the Front End pool and Front End Server. Additionally, there must be session initiation protocol (SIP) communication from the Edge Server internal interface to the Director and to the Front End pool and Front End Server. The SIP protocol uses SIP/MTLS/TCP 5061 from the Edge Server to the Front End pool and Front End Server. A rule that allows SIP/MTLS/TCP 5061 communication from the Director, Front End pool and Front End Server to the Edge Server internal interface must be created as well.

Single Director Ports and Protocols for Firewall Definitions

Role/Protocol/TCP or UDP/Port Source IP address Destination IP address Notes

HTTP/TCP 8080

Reverse proxy internal interface

Director

Initially received by the external side of the reverse proxy, the communication is sent on to the Director and Front End Server web services

HTTPS/TCP 4443

Reverse proxy internal interface

Director

Initially received by the external side of the reverse proxy, the communication is sent on to the Director and Front End Server web services

HTTPS/TCP 444

Director

Front End server or Front End pool

Inter-server communication between the Director and the Front End Server

HTTP/TCP 80

Internal Clients

Director web services

The Director provides web services to internal and external clients.

HTTPS/TCP 443

Internal Clients

Director web services

The Director provides web services to internal and external clients.

SIP/MTLS/TCP 5061

Edge Server internal interface

Director

SIP communication from the Edge Server to the Director, and the Front End Server.

MTLS/TCP/50001

Any

Edge Server internal interface

Centralized Logging Service controller (ClsController.exe) or agent (ClasAgent.exe)commands and log collection

MTLS/TCP/50002

Any

Edge Server internal interface

Centralized Logging Service controller (ClsController.exe) or agent (ClasAgent.exe)commands and log collection

MTLS/TCP/50003

Any

Edge Server internal interface

Centralized Logging Service controller (ClsController.exe) or agent (ClasAgent.exe)commands and log collection